T-Mobile

Link: [1]File-List

29th November 2009

Case Reference Number IRQ0280558

Dear Mr John

Thank you for your e-mail dated 17 November 2009 and subsequent e-mail
which we received today.

Your request is being dealt with in accordance with the Freedom of
Information Act 2000. We will respond by 15 December 2009 which is 20
working days from the day after we received your request.

Yours sincerely

Charlotte Powell

Internal Compliance Manager

show quoted sections

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire, SK9 5AF
Tel: 01625 545 700 Fax: 01625 524 510 Web: www.ico.gov.uk

References

Visible links
1. file:///tmp/rad4A552_files/filelist.xml

Link: [1]File-List

7th December 2009

Case Reference Number IRQ0280558

Dear Mr John

I am writing further to our email dated 29 November 2009 in which we
acknowledged your request for information to the Information
Commissioner’s Office (ICO).

Specifically you referred to “an unlawful leak of personal
information” by T-Mobile and requested;

“- when did T-Mobile alert the Information Commissioners Office?
- please will you disclose the correspondence items (email, fax, letter
etc) from T-Mobile associated with that alert, with dates
- please will you disclose the correspondence items (email, fax, letter
etc) sent in response by the ICO, with dates
- please will you disclose the number of people who have been interviewed
in connection with this matter
- please will you disclose the number of warrants obtained, and the number
of warrants executed on premises”.

As explained in our acknowledgment we are treating your request as a
request for information under the Freedom of Information Act 2000 (the
FOIA).

In answer to the first part of your request please be advised that the
date upon which the ICO was made aware by T-Mobile of the issue was 16
December 2008.

In regard to the other four parts of your request unfortunately we are
unable to provide you with the information which you seek.  This is
because this information is exempt under Section 30 of the FOIA which
concerns investigations and proceedings conducted by public authorities.

Section 30(2) of the FOIA states;

“Information held by a public authority is exempt information if –

(a) it was obtained or recorded by the authority for the purposes of its
functions relating to -

(i) investigations falling within subsection (1)(a) or (b)”

The investigations outlined in section 30(1)(a)

“(a) any investigation which the public authority has a duty to conduct
with a view to it being ascertained -

(i) whether a person should be charged with an offence, or

(ii) whether a person charged with an offence is guilty of it,

(b) any investigation which is conducted by the authority and in the
circumstances may lead to a decision by the authority to institute
criminal proceedings which the authority has power to conduct”

These purposes apply when the Information Commissioner is determining
whether a criminal offence has been committed under the Data Protection
Act 1998 (the DPA), and whether to take action.

This exemption is a “class based exemption” which means that it is not
necessary to identify some harm or prejudice that may arise as a result of
the disclosure.  However, this exemption is not absolute.  When
considering whether to apply it in response to a request for information,
there is a ‘public interest test’.  That is, we must consider whether
the public interest favours withholding or disclosing the information. 
  

In this case the public interest factors in disclosing the information
within the scope of the request are –

o increased transparency in the way in which the ICO conducts its
investigations

The factors in withholding the information are –

o the public interest in not prejudicing the ICO’s ongoing
investigation into a possible criminal offence under the DPA
o the public interest in maintenance of independence of the judicial and
prosecution processes
o the public interest in not prejudicing any prosecution which may arise
out of the ICO’s investigation.

Having considered all of these factors we have taken the decision that the
public interest in withholding the information outweighs the public
interest in disclosing it.  I am sorry, therefore, that in this instance
we are unable to provide you with the information from the investigation
that you have requested. 

Finally I note that you appear to have concerns that the ICO “would take
such
drastic action against T-Mobile, yet take no action at all with respect to
the BT/Phorm scandal”.  As you will appreciate the issues involved in
these two matters are very different.  In respect of the T-Mobile issue
the ICO is looking into possible criminal offences committed under the DPA
whereas the matter of BT and Phorm regarding targeted online marketing did
not involve any criminal offences under the DPA but raised issues of fair
processing and compliance with the first Data Protection principle.  It
may be useful for you to refer to the link below to the press release
issued by the ICO on 17 November 2009 which provides more information.

[2]http://www.ico.gov.uk/upload/documents/p...

Your email of 17 November 2009 also contains the following statement;

“Please could you also take this opportunity to assure me that T-Mobile
will not escape compliance with the Data Protection Act because this was a
functional and technical trial of an advertising idea, it was small scale
and technical in nature, and it would have been difficult to frame any
advice for customers about the nature of the leaked information and obtain
any relevant consents for the processing of personal data with a wording
that would have any resonance at all for theory customers?”

As you will appreciate this is not a Freedom of Information request as you
are seeking an “assurance” rather than recorded information.  However
we are not clear what “assurance” you are seeking as we are not
investigating T-Mobile in relation to “a functional and technical trial
of an advertising idea”.

If you are dissatisfied with the response you have received in relation to
your Freedom of Information request and wish to request a review of our
decision or make a complaint about how your request has been handled you
should write to the Internal Compliance Team at the address below or
e-mail [3][email address]

Your request for internal review should be submitted to us within 40
working days of receipt by you of this response. Any such request
received after this time will only be considered at the discretion of the
Commissioner.

If having exhausted the review process you are not content that your
request or review has been dealt with correctly, you have a further right
of appeal to this office in our capacity as the statutory complaint
handler under the legislation.  To make such an application, please write
to the Case Reception Team, at the address below or visit the
‘Complaints’ section of our website to make a Freedom of Information
Act or Environmental Information Regulations complaint online.

A copy of our review procedure is attached.

Yours sincerely

Joanne Crowley

Assistant Internal Compliance Manager

show quoted sections

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire, SK9 5AF
Tel: 01625 545 700 Fax: 01625 524 510 Web: www.ico.gov.uk

References

Visible links
1. file:///tmp/radDC357_files/filelist.xml
2. http://www.ico.gov.uk/upload/documents/p...
3. mailto:[email address]